﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace Adams.Public.Api.Controllers
{
    [EnsureHttps]
    public class ProfileController : Controller
    {
        public ActionResult GetMember(Adams.Public.DataTransfer.Profile.GetMemberInput input)
        {
            input.MemberID = Api.Security.GetMemberIDFromToken(input.Token);
            var model = DataAccess.Profile.GetMember(input);
            return new JsonXmlResult(model);
        }

        public ActionResult GetCreditCard(Adams.Public.DataTransfer.MemberInfo input)
        {
            input.MemberID = Api.Security.GetMemberIDFromToken(input.Token);
            var model = DataAccess.Profile.GetCreditCard(input);
            return new JsonXmlResult(model);
        }

        public ActionResult SaveEmail(Adams.Public.DataTransfer.Profile.SaveEmailInput input)
        {
            input.MemberID = Api.Security.GetMemberIDFromToken(input.Token);
            var output = Validation.PerformBasicValidation(input);

            if (output.IsValid)
            {
                var memberinfo = DataAccess.Profile.GetMemberInfo(input.MemberID, input.Email);
                if (!Shared.Str.IsEqual(input.Email, memberinfo.Email))
                {
                    if (memberinfo.Exists)
                    {
                        output.InvalidFields.Add(new DataTransfer.InvalidField()
                        {
                            Name = "Email",
                            Code = 4
                        });
                    }
                }

                if (output.IsValid)
                {
                    DataAccess.Profile.SaveEmail(input);
                    output.IsSaved = true;

                    string subject = "Confirm your ADAMS account";
                    string from = Shared.Config.GetAppSetting("SecurityFromEmail");
                    string body = Api.Email.GenerateChangeEmail(input.Email);
                    Email.QueueEmail(subject, from, input.Email, body, 1);
                }
            }

            return new JsonXmlResult(output);
        }

        public ActionResult SaveGeneral(Adams.Public.DataTransfer.Profile.SaveGeneralInput input)
        {
            input.MemberID = Api.Security.GetMemberIDFromToken(input.Token);
            var output = Validation.PerformBasicValidation(input);

            if (output.IsValid)
            {
                DataAccess.Profile.SaveGeneral(input);
                output.IsSaved = true;
            }

            return new JsonXmlResult(output);
        }

        public ActionResult SavePassword(Adams.Public.DataTransfer.Profile.SavePasswordInput input)
        {
            input.MemberID = Api.Security.GetMemberIDFromToken(input.Token);
            var output = Validation.PerformBasicValidation(input);

            if (output.IsValid)
            {
                if (!Shared.Str.IsEqual(input.Password1, input.Password2))
                {
                    output.InvalidFields.Add(new DataTransfer.InvalidField()
                    {
                        Name = "Password2",
                        Code = 6
                    });
                }

                if (output.IsValid)
                {
                    var memberinfo = DataAccess.Profile.GetMemberInfo(input.MemberID);
                    string hashedPassword = Adams.Shared.Encryption.HashPassword(input.Password, memberinfo.PasswordSalt);
                    if (!Shared.Str.IsEqual(hashedPassword, memberinfo.PasswordHash))
                    {
                        output.InvalidFields.Add(new DataTransfer.InvalidField()
                        {
                            Name = "Password",
                            Code = 5
                        });
                    }

                    if (output.IsValid)
                    {
                        hashedPassword = Adams.Shared.Encryption.HashPassword(input.Password1, memberinfo.PasswordSalt);
                        DataAccess.Profile.SavePassword(input.MemberID, hashedPassword);
                        output.IsSaved = true;
                    }
                }
            }

            return new JsonXmlResult(output);
        }

        public ActionResult SaveCreditCard(Adams.Public.DataTransfer.Profile.SaveCreditCardInput input)
        {
            input.MemberID = Api.Security.GetMemberIDFromToken(input.Token);
            var output = Validation.PerformBasicValidation(input);

            if (output.IsValid)
            {
                if (DateTime.Now.Year > input.CardExpireYear.ToInt() ||
                    (DateTime.Now.Year == input.CardExpireYear.ToInt() && DateTime.Now.Month > input.CardExpireMonth.ToInt()))
                {
                    output.InvalidFields.Add(new DataTransfer.InvalidField()
                    {
                        Name = "ExpireYear",
                        Code = 25
                    });
                }

                if (output.IsValid)
                {
                    var save = Shared.ObjectHelper.CopyObject<Adams.Public.DataTransfer.Profile.SaveCreditCardSave>(input);

                    save.CardNumber = Shared.Crypt.RsaEncrypt(input.CardNumber, Shared.Config.GetAppSetting("RSAPublicKey"));
                    save.Last4Digits = input.CardNumber.Substring(input.CardNumber.Length - 4);

                    DataAccess.Profile.SaveCreditCard(save);
                    output.IsSaved = true;
                }
            }

            return new JsonXmlResult(output);
        }
    }
}
